Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Only 2 days left to request your exhibition table in 2025

September 4, 2025

Google brings Pixel 6 and new devices to Material3 Expressive, along with other features, to the Pixel 6 and new devices

September 3, 2025

Google's NoteBookLM now allows you to customize the tone of your AI podcasts

September 3, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Google brings Pixel 6 and new devices to Material3 Expressive, along with other features, to the Pixel 6 and new devices

    September 3, 2025

    Google's NoteBookLM now allows you to customize the tone of your AI podcasts

    September 3, 2025

    Roblox expands the use of age estimation techniques and introduces standardized assessments

    September 3, 2025

    Instagram finally launches the iPad app

    September 3, 2025

    Complete the 2025 Confusion Builder Stage Agenda with the Maximum Scaling Voice

    September 3, 2025
  • Crypto

    Coinbase CEO explains why he fired an engineer who didn't try AI right away

    August 22, 2025

    Your next customer is destroying the 2025 Expo floor

    August 19, 2025

    Crypto Company Gemini File for Winklevoss Twins IPO

    August 16, 2025

    North Korean spies pretending to be remote workers have invaded hundreds of businesses, CloudStrike says

    August 4, 2025

    Telegram's Crypto Wallet will be released in the US

    July 22, 2025
  • Security

    Venezuelan president believes that American spies cannot hack Huawei's phones

    September 3, 2025

    ICE revitalizes its contract with Spyware Maker Paragon

    September 2, 2025

    WhatsApp fixes a “zero click” bug used to hack Apple users with spyware

    August 29, 2025

    According to Transunion, hackers say they stole the personal information of 4.4 million customers

    August 28, 2025

    The FBI says that China's salt typhoon has hacked at least 200 US companies

    August 27, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    Only 2 days left to request your exhibition table in 2025

    September 4, 2025

    Adeo Ressi and Sarah Lacy call BS about the story of a shrinking emerging manager

    September 3, 2025

    3 days remaining 2025 to lock TechCrunch exhibitor spots

    September 3, 2025

    There are 4 days left and 10 tables left to be exhibited in 2025

    September 2, 2025

    US and India's VCS had just formed an alliance of over $1 billion to fund deep tech startups in India

    September 2, 2025
TechBrunchTechBrunch

Clop ransomware gang releases names of dozens of victims of Cleo mass hack, but multiple companies dispute breaches

TechBrunchBy TechBrunchJanuary 16, 20254 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


The prolific Clop ransomware group has exploited vulnerabilities in several companies' popular file transfer products, developed by US software company Cleo, to hack dozens of corporate victims it claims to have hacked in recent weeks. Announced the name.

In a post on a dark web leak site seen by TechCrunch, the Russian-linked Klopp Gang listed 59 organizations it claims were compromised by exploiting high-risk bugs in Cleo's software tools.

This flaw affects Cleo's LexiCom, VLTransfer, and Harmony products. Cleo first disclosed this vulnerability in an October 2024 security advisory before security researchers observed it being heavily exploited by hackers several months later in December. .

Klopp claimed in his post that he notified the compromised organizations, but that the victim organizations did not negotiate with the hackers. Clop has threatened to release the allegedly stolen data on January 18th unless the ransom demand is paid.

Enterprise file transfer tools are popular targets for ransomware hackers, especially Clop, as sensitive data is often stored on the system. In recent years, ransomware groups have previously taken credit for exploiting vulnerabilities in Progress Software's MOVEit Transfer product and later mass exploiting vulnerabilities in Fortra's GoAnywhere managed file transfer software.

Following the recent hacking incident, at least one company has confirmed a breach related to the attack on Clop's Cleo system.

German manufacturing giant Covestro told TechCrunch that it was contacted by Klopp and subsequently confirmed that the group had accessed certain data stores on its systems.

“We have confirmed that there has been unauthorized access to a logistics server in the United States used to exchange shipping information with our carriers,” Covestro spokesperson Przemysław Jedryszyk said in a statement. “In response, we have taken steps to ensure the integrity of our systems, increase security monitoring, and proactively notify our customers.

Jedrysik acknowledged that “the majority of the information contained on the server was not sensitive,” but declined to say what kind of data was accessed.

Other alleged victims TechCrunch spoke to dispute Kropp's claims, saying they were not compromised as part of the gang's latest major hacking campaign.

Emily Spencer, a spokeswoman for US car rental giant Hertz, said in a statement that the company was “aware” of Klopp's claims, but added: “At this time there is no evidence that Hertz data or Hertz systems were affected.” No,” he said.

“Out of an abundance of caution, we continue to actively monitor this issue with the support of our third-party cybersecurity partners,” Spencer added.

Christine Panayiotou, a spokeswoman for Australian logistics company Lynfox, which was listed on Klopp's leak site, said the company does not use the Cleo software and has “not experienced any cyber incidents involving its systems.” He disputed the gang's claims.

Panayotou did not respond to a question about whether Linfox's data was accessed due to a cyber incident involving a third party.

Spokespeople for Arrow Electronics and Western Alliance Bank also told TechCrunch that they found no evidence that their systems were compromised.

Klopp also listed software supply chain giant Blue Yonder, which was recently compromised. The company confirmed the ransomware attack in November, but has not updated its cybersecurity incident page since December 12th.

When last contacted by TechCrunch, Blue Yonder spokesperson Marina Renneke said on Dec. 26 that the company “uses Cleo to support and manage certain file transfers,” and that potential He acknowledged that he was investigating the access, but added that the company had “no reason to believe the information.” The Cleo vulnerability is related to a cybersecurity incident that occurred in November. ” In a communication this week, the company provided no evidence of this claim, nor did it provide any more recent comment.

None of the companies that responded to TechCrunch's questions would say whether they have logging or other technical means to detect data access or leaks.

TechCrunch has not yet received responses from other organizations listed on Clop's leak site. Clop claims to be adding more victims to its Dark Web leak site on January 21st.

It's still unclear how many companies were targeted, and Cleo itself is listed as a Clop victim, but did not respond to TechCrunch's questions.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Venezuelan president believes that American spies cannot hack Huawei's phones

September 3, 2025

ICE revitalizes its contract with Spyware Maker Paragon

September 2, 2025

WhatsApp fixes a “zero click” bug used to hack Apple users with spyware

August 29, 2025

According to Transunion, hackers say they stole the personal information of 4.4 million customers

August 28, 2025

The FBI says that China's salt typhoon has hacked at least 200 US companies

August 27, 2025

US sanctions fraud network used by North Korea's “remote IT workers” to steal money for work

August 27, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Only 2 days left to request your exhibition table in 2025

September 4, 2025

Google brings Pixel 6 and new devices to Material3 Expressive, along with other features, to the Pixel 6 and new devices

September 3, 2025

Google's NoteBookLM now allows you to customize the tone of your AI podcasts

September 3, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.